summaryrefslogtreecommitdiffstats
path: root/kernel/auditsc.c
diff options
context:
space:
mode:
authorGaosheng Cui <cuigaosheng1@huawei.com>2021-10-16 09:23:51 +0200
committerPaul Moore <paul@paul-moore.com>2021-10-19 00:34:37 +0200
commitd9516f346e8b8e9c7dd37976a06a5bde1a871d6f (patch)
tree0aba70364c97f813187391fb16cc08fae0c151cb /kernel/auditsc.c
parentaudit: add OPENAT2 record to list "how" info (diff)
downloadlinux-d9516f346e8b8e9c7dd37976a06a5bde1a871d6f.tar.xz
linux-d9516f346e8b8e9c7dd37976a06a5bde1a871d6f.zip
audit: return early if the filter rule has a lower priority
It is not necessary for audit_filter_rules() functions to check audit fileds of the rule with a lower priority, and if we did, there might be some unintended effects, such as the ctx->ppid may be changed unexpectedly, so return early if the rule has a lower priority. Signed-off-by: Gaosheng Cui <cuigaosheng1@huawei.com> [PM: slight tweak to the subject line] Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'kernel/auditsc.c')
-rw-r--r--kernel/auditsc.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index a4ba53f5354e..6efb0bb909d0 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -470,6 +470,9 @@ static int audit_filter_rules(struct task_struct *tsk,
u32 sid;
unsigned int sessionid;
+ if (ctx && rule->prio <= ctx->prio)
+ return 0;
+
cred = rcu_dereference_check(tsk->cred, tsk == current || task_creation);
for (i = 0; i < rule->field_count; i++) {
@@ -737,8 +740,6 @@ static int audit_filter_rules(struct task_struct *tsk,
}
if (ctx) {
- if (rule->prio <= ctx->prio)
- return 0;
if (rule->filterkey) {
kfree(ctx->filterkey);
ctx->filterkey = kstrdup(rule->filterkey, GFP_ATOMIC);